diff options
author | Philippe Mathieu-Daudé <f4bug@amsat.org> | 2017-07-24 15:27:47 -0300 |
---|---|---|
committer | Laurent Vivier <laurent@vivier.eu> | 2018-06-04 01:30:43 +0200 |
commit | 871f95c6171d5301d14dbc73997aa8fbd8e9e7ef (patch) | |
tree | 8f22b3e4f82d900daa01ed5122506033e0bcf4c6 | |
parent | 392fba9f583223786f844dce9b2e7f9a0ce0147a (diff) |
syscall: replace strcpy() by g_strlcpy()
linux-user/syscall.c:9860:17: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy (buf->machine, cpu_to_uname_machine(cpu_env));
^~~~~~
Reported-by: Clang Static Analyzer
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20170724182751.18261-32-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
-rw-r--r-- | linux-user/syscall.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/linux-user/syscall.c b/linux-user/syscall.c index d02c16bbc6..7b9ac3b408 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -10156,7 +10156,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1, if (!is_error(ret)) { /* Overwrite the native machine name with whatever is being emulated. */ - strcpy (buf->machine, cpu_to_uname_machine(cpu_env)); + g_strlcpy(buf->machine, cpu_to_uname_machine(cpu_env), + sizeof(buf->machine)); /* Allow the user to override the reported release. */ if (qemu_uname_release && *qemu_uname_release) { g_strlcpy(buf->release, qemu_uname_release, |